[ 43.139427][ T25] audit: type=1800 audit(1575352130.769:26): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.173547][ T25] audit: type=1800 audit(1575352130.769:27): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 43.206778][ T25] audit: type=1800 audit(1575352130.769:28): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 44.141617][ T25] audit: type=1800 audit(1575352131.789:29): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.13' (ECDSA) to the list of known hosts. 2019/12/03 05:49:02 fuzzer started 2019/12/03 05:49:03 dialing manager at 10.128.0.26:38907 2019/12/03 05:49:03 syscalls: 2697 2019/12/03 05:49:03 code coverage: enabled 2019/12/03 05:49:03 comparison tracing: enabled 2019/12/03 05:49:03 extra coverage: extra coverage is not supported by the kernel 2019/12/03 05:49:03 setuid sandbox: enabled 2019/12/03 05:49:03 namespace sandbox: enabled 2019/12/03 05:49:03 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/03 05:49:03 fault injection: enabled 2019/12/03 05:49:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/03 05:49:03 net packet injection: enabled 2019/12/03 05:49:03 net device setup: enabled 2019/12/03 05:49:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/03 05:49:03 devlink PCI setup: PCI device 0000:00:10.0 is not available 05:49:04 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x4d) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xaf, &(0x7f0000000140), &(0x7f00000000c0)=0x4) 05:49:04 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x1044142, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) r2 = creat(&(0x7f0000000140)='./bus\x00', 0x0) ftruncate(r2, 0x208200) sendfile(r0, r1, 0x0, 0x8000fffffffe) syzkaller login: [ 57.119984][ T8150] IPVS: ftp: loaded support on port[0] = 21 [ 57.245882][ T8152] IPVS: ftp: loaded support on port[0] = 21 05:49:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='dctcp\x00', 0x6) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) [ 57.321820][ T8150] chnl_net:caif_netlink_parms(): no params data found [ 57.479374][ T8150] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.502117][ T8150] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.509975][ T8150] device bridge_slave_0 entered promiscuous mode [ 57.529716][ T8156] IPVS: ftp: loaded support on port[0] = 21 [ 57.537416][ T8150] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.545486][ T8150] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.556830][ T8150] device bridge_slave_1 entered promiscuous mode 05:49:05 executing program 3: syz_open_procfs(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) connect$l2tp(0xffffffffffffffff, 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) socket$alg(0x26, 0x5, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, 0x0) r3 = fcntl$dupfd(r2, 0x0, r0) ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) [ 57.575221][ T8152] chnl_net:caif_netlink_parms(): no params data found [ 57.592616][ T8150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.625225][ T8150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.680896][ T8150] team0: Port device team_slave_0 added [ 57.705013][ T8150] team0: Port device team_slave_1 added [ 57.712268][ T8152] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.719410][ T8152] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.742822][ T8152] device bridge_slave_0 entered promiscuous mode [ 57.751248][ T8152] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.772026][ T8152] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.782483][ T8152] device bridge_slave_1 entered promiscuous mode [ 57.849041][ T8152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 05:49:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ion(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10000, 0x20000000209}) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, 0x0) [ 57.946611][ T8150] device hsr_slave_0 entered promiscuous mode [ 58.004480][ T8150] device hsr_slave_1 entered promiscuous mode [ 58.057206][ T8152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.081146][ T8159] IPVS: ftp: loaded support on port[0] = 21 05:49:05 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000600000/0x4000)=nil, 0x4000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) dup2(r0, r1) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r3, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendfile(r1, r2, &(0x7f0000000040)=0x103f00, 0x8001) [ 58.156414][ T8152] team0: Port device team_slave_0 added [ 58.168440][ T8161] IPVS: ftp: loaded support on port[0] = 21 [ 58.176408][ T8152] team0: Port device team_slave_1 added [ 58.247004][ T8150] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.305632][ T8150] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.425032][ T8152] device hsr_slave_0 entered promiscuous mode [ 58.492231][ T8152] device hsr_slave_1 entered promiscuous mode [ 58.542147][ T8152] debugfs: Directory 'hsr0' with parent '/' already present! [ 58.556919][ T8164] IPVS: ftp: loaded support on port[0] = 21 [ 58.579020][ T8156] chnl_net:caif_netlink_parms(): no params data found [ 58.588279][ T8150] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.633711][ T8150] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.769954][ T8156] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.777937][ T8156] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.785869][ T8156] device bridge_slave_0 entered promiscuous mode [ 58.795135][ T8156] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.802277][ T8156] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.809876][ T8156] device bridge_slave_1 entered promiscuous mode [ 58.817033][ T8152] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.895167][ T8152] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.957126][ T8152] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.028281][ T8156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.043411][ T8152] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.100008][ T8156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.159494][ T8156] team0: Port device team_slave_0 added [ 59.183236][ T8156] team0: Port device team_slave_1 added [ 59.222223][ T8161] chnl_net:caif_netlink_parms(): no params data found [ 59.305344][ T8156] device hsr_slave_0 entered promiscuous mode [ 59.362470][ T8156] device hsr_slave_1 entered promiscuous mode [ 59.412083][ T8156] debugfs: Directory 'hsr0' with parent '/' already present! [ 59.422730][ T8159] chnl_net:caif_netlink_parms(): no params data found [ 59.460505][ T8161] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.467909][ T8161] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.475985][ T8161] device bridge_slave_0 entered promiscuous mode [ 59.484042][ T8161] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.491130][ T8161] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.499023][ T8161] device bridge_slave_1 entered promiscuous mode [ 59.518353][ T8150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.537625][ T8164] chnl_net:caif_netlink_parms(): no params data found [ 59.559688][ T8161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.590085][ T8161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.630951][ T8164] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.638177][ T8164] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.646004][ T8164] device bridge_slave_0 entered promiscuous mode [ 59.659908][ T8156] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.738566][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.746880][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.760742][ T8164] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.769230][ T8164] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.777410][ T8164] device bridge_slave_1 entered promiscuous mode [ 59.786203][ T8161] team0: Port device team_slave_0 added [ 59.796931][ T8161] team0: Port device team_slave_1 added [ 59.802717][ T8156] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.858664][ T8150] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.865967][ T8159] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.873558][ T8159] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.881788][ T8159] device bridge_slave_0 entered promiscuous mode [ 59.904847][ T8164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.919811][ T8156] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.975187][ T8159] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.983445][ T8159] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.991138][ T8159] device bridge_slave_1 entered promiscuous mode [ 60.011231][ T8159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.028695][ T8164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.046221][ T8156] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.106603][ T8159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.165413][ T8161] device hsr_slave_0 entered promiscuous mode [ 60.202840][ T8161] device hsr_slave_1 entered promiscuous mode [ 60.242152][ T8161] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.256778][ T8164] team0: Port device team_slave_0 added [ 60.264854][ T8164] team0: Port device team_slave_1 added [ 60.289040][ T8159] team0: Port device team_slave_0 added [ 60.296510][ T8159] team0: Port device team_slave_1 added [ 60.310215][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.318778][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.327835][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.335075][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.343958][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.352873][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.361151][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.368266][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.387618][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.444721][ T8164] device hsr_slave_0 entered promiscuous mode [ 60.472257][ T8164] device hsr_slave_1 entered promiscuous mode [ 60.524897][ T8164] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.566500][ T8152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.578130][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.591254][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.663879][ T8159] device hsr_slave_0 entered promiscuous mode [ 60.742687][ T8159] device hsr_slave_1 entered promiscuous mode [ 60.782127][ T8159] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.823865][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.833083][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.841815][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.851005][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.859848][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.879815][ T8152] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.902353][ T8159] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.933773][ T8159] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.988167][ T8159] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.033806][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.041688][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.050037][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 61.058457][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.067235][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.075759][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.084321][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.093354][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.102609][ T3076] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.109829][ T3076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.117840][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.126521][ T3076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.134953][ T3076] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.142022][ T3076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.152877][ T8161] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.204248][ T8161] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.243895][ T8161] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 61.297064][ T8159] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.366407][ T8150] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 61.378368][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.386473][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 61.397947][ T8161] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.451504][ T8164] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 61.485010][ T8164] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 61.557418][ T8164] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 61.626968][ T8164] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 61.663494][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 61.672437][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 61.681019][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.689605][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 61.698623][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 61.707124][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 61.716249][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 61.724452][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 61.738678][ T8152] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 61.751332][ T8152] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.766904][ T8150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.777664][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 61.786105][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.795551][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.804108][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.813285][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 61.856361][ T8152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.897452][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 61.905252][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 61.939883][ T8156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.959736][ T8156] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.975008][ T8161] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.005415][ T8159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.014170][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.023144][ T8166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.094725][ T8156] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 167.041892][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 167.048902][ C1] (detected by 1, t=10502 jiffies, g=6481, q=296) [ 167.055393][ C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294953838-4294943336), jiffies_till_next_fqs=1, root ->qsmask 0x0 [ 167.068822][ C1] syz-executor.0 R running task 27768 8174 8150 0x0000400a [ 167.076726][ C1] Call Trace: [ 167.079998][ C1] [ 167.083030][ C1] sched_show_task+0x40f/0x560 [ 167.087809][ C1] rcu_sched_clock_irq+0x1861/0x1ad0 [ 167.093095][ C1] update_process_times+0x12d/0x180 [ 167.098282][ C1] tick_sched_timer+0x263/0x420 [ 167.103123][ C1] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 167.108658][ C1] __hrtimer_run_queues+0x403/0x840 [ 167.113868][ C1] hrtimer_interrupt+0x38c/0xda0 [ 167.118899][ C1] ? debug_smp_processor_id+0x9/0x20 [ 167.124179][ C1] smp_apic_timer_interrupt+0x109/0x280 [ 167.129731][ C1] apic_timer_interrupt+0xf/0x20 [ 167.134663][ C1] [ 167.137601][ C1] RIP: 0010:free_thread_stack+0x16d/0x590 [ 167.143309][ C1] Code: c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 25 a4 69 00 48 8b 3b be fc ff ff ff e8 28 04 00 00 43 80 3c 2e 00 <74> 08 4c 89 e7 e8 09 a4 69 00 49 8b 1c 24 48 83 c3 08 48 89 d8 48 [ 167.162903][ C1] RSP: 0018:ffffc900023a73c8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 167.171437][ C1] RAX: ffffffff81487433 RBX: ffff88809fac4288 RCX: 0000000000040000 [ 167.179419][ C1] RDX: ffffc9000202a000 RSI: 000000000003ffff RDI: 0000000000040000 [ 167.187391][ C1] RBP: ffffc900023a7400 R08: 000000000003a768 R09: ffffed1012805eb7 [ 167.195350][ C1] R10: ffffed1012805eb7 R11: 0000000000000000 R12: ffff88809fac4320 [ 167.203312][ C1] R13: dffffc0000000000 R14: 1ffff11013f58864 R15: ffff88809402f5a8 [ 167.211312][ C1] ? mod_memcg_page_state+0x123/0x190 [ 167.216678][ C1] ? free_thread_stack+0x168/0x590 [ 167.221780][ C1] put_task_stack+0xa3/0x130 [ 167.226358][ C1] finish_task_switch+0x3f1/0x550 [ 167.231386][ C1] __schedule+0x9a8/0xcc0 [ 167.235809][ C1] preempt_schedule_irq+0xc1/0x140 [ 167.240913][ C1] retint_kernel+0x1b/0x2b [ 167.245318][ C1] RIP: 0010:stack_trace_consume_entry+0x11f/0x260 [ 167.251726][ C1] Code: ff df 80 3c 08 00 74 08 4c 89 e7 e8 db 75 4c 00 4d 8b 3c 24 4c 89 f2 41 8d 5e 01 49 bc 00 00 00 00 00 fc ff df 43 8a 44 25 00 <84> c0 0f 85 ea 00 00 00 4c 8b 6d c8 41 89 5d 00 49 8d 1c d7 48 89 [ 167.271319][ C1] RSP: 0018:ffffc900023a7610 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff02 [ 167.279723][ C1] RAX: 1ffff92000474e00 RBX: 0000000000000005 RCX: dffffc0000000000 [ 167.287684][ C1] RDX: 0000000000000004 RSI: 0000000000001276 RDI: 0000000000001277 [ 167.295665][ C1] RBP: ffffc900023a7660 R08: ffffffff81659cc5 R09: ffffc900023a7670 [ 167.303625][ C1] R10: fffff52000474eda R11: 0000000000000000 R12: dffffc0000000000 [ 167.311600][ C1] R13: 1ffff92000474ee4 R14: 0000000000000004 R15: ffffc900023a7780 [ 167.319572][ C1] ? stack_trace_consume_entry+0xa5/0x260 [ 167.325298][ C1] ? dccp_hdlr_ackvec+0xbc/0x100 [ 167.330236][ C1] ? stack_trace_save+0x150/0x150 [ 167.335256][ C1] arch_stack_walk+0xa8/0xe0 [ 167.339837][ C1] ? dccp_hdlr_ackvec+0xbc/0x100 [ 167.344769][ C1] stack_trace_save+0xb6/0x150 [ 167.349525][ C1] __kasan_kmalloc+0x11c/0x1b0 [ 167.354278][ C1] ? __kasan_kmalloc+0x11c/0x1b0 [ 167.359204][ C1] ? kasan_slab_alloc+0xf/0x20 [ 167.363958][ C1] ? kmem_cache_alloc+0x1f5/0x2e0 [ 167.368970][ C1] ? dccp_ackvec_alloc+0x26/0x120 [ 167.373984][ C1] ? __lock_acquire+0xc75/0x1be0 [ 167.378918][ C1] ? __kasan_check_read+0x11/0x20 [ 167.383931][ C1] ? mark_lock+0x107/0x1650 [ 167.388425][ C1] ? __kfree_skb+0x13e/0x1c0 [ 167.393030][ C1] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 167.398300][ C1] ? kmem_cache_alloc+0x194/0x2e0 [ 167.403336][ C1] kasan_slab_alloc+0xf/0x20 [ 167.407918][ C1] kmem_cache_alloc+0x1f5/0x2e0 [ 167.412753][ C1] ? dccp_ackvec_alloc+0x26/0x120 [ 167.417768][ C1] dccp_ackvec_alloc+0x26/0x120 [ 167.422629][ C1] dccp_hdlr_ackvec+0xbc/0x100 [ 167.427380][ C1] dccp_feat_activate_values+0x5af/0xce0 [ 167.433031][ C1] dccp_rcv_state_process+0x1185/0x1a60 [ 167.438570][ C1] dccp_v4_do_rcv+0xf5/0x190 [ 167.443153][ C1] __release_sock+0x1c1/0x4a0 [ 167.447825][ C1] release_sock+0x65/0x1c0 [ 167.452232][ C1] __inet_stream_connect+0x538/0xc40 [ 167.457526][ C1] ? wait_woken+0x230/0x230 [ 167.462020][ C1] inet_stream_connect+0x63/0xa0 [ 167.466946][ C1] ? __inet_stream_connect+0xc40/0xc40 [ 167.472392][ C1] __sys_connect_file+0x279/0x2f0 [ 167.477416][ C1] __x64_sys_connect+0xa2/0xf0 [ 167.482173][ C1] do_syscall_64+0xf7/0x1c0 [ 167.486669][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 167.492551][ C1] RIP: 0033:0x45a679 [ 167.496446][ C1] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 167.516172][ C1] RSP: 002b:00007fab447f9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 167.524579][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679 [ 167.532540][ C1] RDX: 0000000000000010 RSI: 0000000020e5c000 RDI: 0000000000000004 [ 167.540499][ C1] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 167.548455][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab447fa6d4 [ 167.556420][ C1] R13: 00000000004c0e08 R14: 00000000004d4a60 R15: 00000000ffffffff [ 167.564400][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g6481 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 167.575484][ C1] rcu: RCU grace-period kthread stack dump: [ 167.581358][ C1] rcu_preempt R running task 29032 10 2 0x80004000 [ 167.589242][ C1] Call Trace: [ 167.592525][ C1] __schedule+0x9a0/0xcc0 [ 167.596848][ C1] schedule+0x181/0x210 [ 167.600997][ C1] schedule_timeout+0x14f/0x240 [ 167.605839][ C1] ? run_local_timers+0x120/0x120 [ 167.610863][ C1] rcu_gp_kthread+0xed8/0x1770 [ 167.615637][ C1] kthread+0x332/0x350 [ 167.619689][ C1] ? rcu_report_qs_rsp+0x140/0x140 [ 167.624787][ C1] ? kthread_blkcg+0xe0/0xe0 [ 167.629364][ C1] ret_from_fork+0x24/0x30